Recording logs

Logging and reporting

 

 

Recording logs on a remote computer

You can configure the FortiGate unit to record log messages on a remote computer.

The remote computer must be configured with a syslog server.

To record logs on a remote computer

1Go to Log&Report > Log Setting.

2Select the Log to Remote Host check box to send the logs to a syslog server.

3Type the IP address of the remote computer running syslog server software.

4Type the port number of the syslog server.

5Select the severity level for which you want to record log messages.

The FortiGate unit logs all levels of severity down to, but not lower than, the level you choose. For example, if you want to record emergency, alert, critical, and error messages, select Error.

See “Log message levels” on page 312.

6Select Config Policy.

Select the Log type for which you want the FortiGate unit to record logs.

For each Log type, select the activities for which you want the FortiGate unit to record log messages.

For information about log types and activities, see “Filtering log messages” on page 313 and “Configuring traffic logging” on page 314.

7Select OK.

8Select Apply.

Recording logs on a NetIQ WebTrends server

Use the following procedure to configure the FortiGate unit to record logs on a remote NetIQ WebTrends firewall reporting server for storage and analysis. FortiGate log formats comply with WebTrends Enhanced Log Format (WELF) and are compatible with WebTrends NetIQ Security Reporting Center 2.0 and Firewall Suite 4.1. For more information, see the Security Reporting Center and Firewall Suite documentation.

Note: FortiGate traffic log messages include sent and received fields, which are optional but required for drawing a WebTrends graph.

To record logs on a NetIQ WebTrends server

1Go to Log&Report > Log Setting.

2Select the Log in WebTrends Enhanced Log Format check box.

3Type the IP address of the NetIQ WebTrends firewall reporting server.

4Select the severity level for which you want to record log messages.

The FortiGate logs all levels of severity down to, but not lower than, the level you choose. For example, if you want to record emergency, alert, critical, and error messages, select Error.

See “Log message levels” on page 312.

310

Fortinet Inc.

Page 310
Image 310
Fortinet FortiGate-800 manual Recording logs on a remote computer, Recording logs on a NetIQ WebTrends server, 310